Ory hydra #619
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Install applications on Kubernets | |
on: | |
pull_request: | |
workflow_dispatch: | |
inputs: | |
debug_enabled: | |
type: boolean | |
description: "Run the build with tmate debugging enabled (https://github.com/marketplace/actions/debugging-with-tmate)" | |
required: false | |
default: false | |
jobs: | |
install: | |
strategy: | |
matrix: | |
K3S_VERSION: ["v1.27.14+k3s1", "v1.28.10+k3s1", "v1.29.5+k3s1", "v1.30.1+k3s1"] | |
exclude: | |
- K3S_VERSION: ${{ github.base_ref != 'refs/heads/main' && 'v1.27.14+k3s1' }} | |
- K3S_VERSION: ${{ github.base_ref != 'refs/heads/main' && 'v1.28.10+k3s1' }} | |
- K3S_VERSION: ${{ github.base_ref != 'refs/heads/main' && 'v1.29.5+k3s1' }} | |
runs-on: self-hosted | |
steps: | |
- name: Cleanup | |
continue-on-error: true | |
run: | | |
ls -la ./ | |
rm -rf ./* || true | |
rm -rf ./.??* || true | |
ls -la ./ | |
- uses: actions/checkout@v3 | |
- name: Install dependencies | |
env: | |
HELM_VERSION: "v3.11.3" | |
HELM_DIFF_VERSION: "3.6.0" | |
HELMFILE_VERSION: "v0.152.0" | |
YQ_VERSION: "v4.33.3" | |
run: | | |
./.github/ci_config/bin/install-dependencies | |
- name: Prepare the environment (add secrets and enable installation of all components) | |
run: | | |
DNAME='CN=CI,O=TheHyve,L=Utrecht,C=NL' ./bin/init | |
helmfile_mods='\ \ \ \ \ \ - ../.github/ci_config/ci-config.yaml\n' | |
helmfile_mods+='\ \ \ \ \ \ - ../.github/ci_config/secrets.yaml.gotmpl' | |
sed -i "/secrets.yaml/a $helmfile_mods" environments.yaml | |
sed -i '/_install: /s/false/true/' etc/production.yaml | |
sed -i '/enable_logging_monitoring: /s/false/true/' etc/production.yaml | |
- name: Run helmfile template | |
env: | |
FIREBASE_ADMINSDK_JSON: ${{ secrets.FIREBASE_ADMINSDK_JSON }} | |
run: | | |
helmfile template | |
- name: Reinstall K3S | |
env: | |
INSTALL_K3S_VERSION: ${{ matrix.K3S_VERSION }} | |
K3S_KUBECONFIG_MODE: "644" | |
run: | | |
/usr/local/bin/k3s-uninstall.sh || true | |
curl -sfL https://get.k3s.io | sh -s - --disable traefik --disable-helm-controller | |
cp /etc/rancher/k3s/k3s.yaml ~/.kube/config | |
- name: Install RADAR-Kubernetes | |
env: | |
FIREBASE_ADMINSDK_JSON: ${{ secrets.FIREBASE_ADMINSDK_JSON }} | |
run: | | |
echo "kubeconfig: $KUBECONFIG" | |
kubectl get pods --all-namespaces | |
helmfile sync --concurrency 1 | |
# Enable tmate debugging of manually-triggered workflows if the input option was provided | |
- name: Manually triggered tmate session | |
uses: mxschmitt/action-tmate@v3 | |
if: ${{ github.event_name == 'workflow_dispatch' && inputs.debug_enabled }} | |
with: | |
limit-access-to-actor: true | |
- name: Slack Notification | |
if: ${{ failure() }} | |
uses: rtCamp/action-slack-notify@v2 | |
env: | |
SLACK_CHANNEL: ci-notifications | |
SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff' | |
SLACK_ICON: https://github.com/rtCamp.png?size=48 | |
SLACK_MESSAGE: 'The job has failed, go to https://github.com/RADAR-base/RADAR-Kubernetes/actions and use SSH for more information' | |
SLACK_TITLE: Post Title | |
SLACK_USERNAME: rtCamp | |
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} | |
- name: Setup tmate session if jobs have failed | |
if: ${{ failure() }} | |
uses: mxschmitt/action-tmate@v3 | |
timeout-minutes: 15 | |
with: | |
limit-access-to-actor: true | |
- name: Report cluster state | |
if: always() | |
run: | | |
kubectl get pods --all-namespaces | |
# TODO We can remove the k3s uninstallation once the k3d PR is merged. | |
- name: Delete clusters when job was canceled | |
if: cancelled() | |
run: | | |
k3d cluster delete --all || true | |
k3s-uninstall.sh || true | |
check-gitignore: | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/checkout@v3 | |
- name: Check gitignore | |
run: | | |
echo "Checking whether any files that should be ignored are uploaded" | |
echo | |
if find . -not -path './.git/*' -type f | git check-ignore --stdin --no-index; then | |
echo | |
echo "Remove the above files from this branch" | |
exit 1 | |
else | |
echo "No ignored files have been added" | |
fi |